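/**
 * Resolve the logged-in user id from the "lusha" cookie.
 *
 * The cookie value is split on "." into at most three parts. "<id>.<hash>" is
 * the accepted form; a value with a third part is rejected and that part is
 * copied into the error message. The id is accepted only when the hash part
 * is identical to the 'hash' field of the record returned by legacy_GetUser().
 *
 * Side effects: $GLOBALS['ERROR'] is set on every failure that involves a
 * cookie, unset on success, and left untouched when no cookie is present.
 *
 * @return int The user id on success, 0 otherwise.
 */
function legacy_GetUserFromCookie()
{
    if (!isset($_COOKIE['lusha'])) {
        return 0;
    }

    $cookie = $_COOKIE['lusha'];

    // A cookie sent in array form ("lusha[]=...") arrives as an array, and
    // explode() only accepts a string: treat it as an unparsable cookie.
    if (!is_string($cookie)) {
        $GLOBALS['ERROR'] = "Parse Error";
        return 0;
    }

    $part = explode(".", $cookie, 3);

    if (count($part) < 2) {
        $GLOBALS['ERROR'] = "Parse Error";
        return 0;
    }

    if (count($part) === 3) {
        // NOTE(review): $part[2] is client-controlled text; whatever renders
        // $GLOBALS['ERROR'] has to escape it for its output context - confirm.
        $GLOBALS['ERROR'] = "Error: " . $part[2];
        return 0;
    }

    $id = intval($part[0]);
    $hash = $part[1];

    if (defined('LEGACY_DEBUG')) {
        // NOTE(review): with LEGACY_DEBUG defined no lookup happens and every
        // id is checked against this fixed value, so the constant must never
        // be defined in a production deployment.
        $user = ['hash' => "this_is_fake"];
    } else {
        $user = legacy_GetUser($id);
    }

    // The hash is a credential taken from the request. Loose "==" compares two
    // numeric-looking strings (e.g. "0e..." followed by digits) as numbers and
    // would accept a non-string stored value such as true; hash_equals() is an
    // exact, constant-time string comparison and requires both sides to be
    // strings, hence the is_string() guard on the stored value.
    if (isset($user['hash']) && is_string($user['hash']) && hash_equals($user['hash'], $hash)) {
        unset($GLOBALS['ERROR']);
        return $id;
    }

    $GLOBALS['ERROR'] = "Login Failed";
    return 0;
}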
$response = json_NewResponse(); // MAIN (Only accept POST requests) // if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) { $action = trim($_POST['action']); if ($action == "LOGOUT") { setcookie("lusha", "", 0, "/", str_replace("theme", "", $_SERVER['SERVER_NAME'])); $response['logout'] = 1; } else { if ($action == "GET_HASH") { // This is only available to whitelisted clients, or while debugging // if (defined('LEGACY_DEBUG') || defined('IP_WHITELIST') && core_OnWhitelist($_SERVER['REMOTE_ADDR'], IP_WHITELIST)) { $id = intval($_POST['id']); $ip = $_POST['ip']; if ($id > 0 && inet_pton($ip) !== false) { //error_log($ip." - ".$_POST['ip']); $user = legacy_GetUser($id); // Not in Database yet if (empty($user)) { // Do handshake, confirm user exists // $result = legacy_FetchUserInfo($id); if (isset($result['register_date'])) { // Generate Hash // $user['hash'] = legacy_GenerateUserHash($id); } legacy_SetExtraInfo($id, $result); } if ($user) { access_LogUser($id, $ip); $response['hash'] = $user['hash']; } }